
smit.fraud problem



#1
Ripsaw2112

Can you pls. have a look at this giant log and tell me how to fix? I have the classic blue screen with the smit.fraud error message. Thanks.


Ad-Aware SE Build 1.05
Logfile Created on:Wednesday, April 20, 2005 12:18:18 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R40 20.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
180Solutions(TAC index:6):14 total references
CoolWebSearch(TAC index:10):1353 total references
IBIS Toolbar(TAC index:5):6 total references
Possible Browser Hijack attempt(TAC index:3):8 total references
SahAgent(TAC index:9):6 total references
Security iGuard(TAC index:9):9 total references
WindUpdates(TAC index:8):7 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R40 20.04.2005
Internal build : 47
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 461235 Bytes
Total size : 1395231 Bytes
Signature data size : 1364710 Bytes
Reference data size : 30009 Bytes
Signatures total : 38921
Fingerprints total : 813
Fingerprints size : 29073 Bytes
Target categories : 15
Target families : 650


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:19 %
Total physical memory:260080 kb
Available physical memory:47668 kb
Total page file size:443280 kb
Available on page file:267084 kb
Total virtual memory:2097024 kb
Available virtual memory:2042832 kb
OS:Microsoft Windows XP Professional Service Pack 2 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


4-20-2005 12:18:18 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 972
ThreadCreationTime : 4-20-2005 4:49:11 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1096
ThreadCreationTime : 4-20-2005 4:49:13 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1120
ThreadCreationTime : 4-20-2005 4:49:14 PM
BasePriority : High

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1164
ThreadCreationTime : 4-20-2005 4:49:15 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1176
ThreadCreationTime : 4-20-2005 4:49:15 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1324
ThreadCreationTime : 4-20-2005 4:49:16 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1404
ThreadCreationTime : 4-20-2005 4:49:16 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1440
ThreadCreationTime : 4-20-2005 4:49:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\System32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\System32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:9 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1488
ThreadCreationTime : 4-20-2005 4:49:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1548
ThreadCreationTime : 4-20-2005 4:49:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:11 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 200
ThreadCreationTime : 4-20-2005 4:49:19 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:12 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 164
ThreadCreationTime : 4-20-2005 4:49:20 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:13 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1052
ThreadCreationTime : 4-20-2005 4:49:24 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:14 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 612
ThreadCreationTime : 4-20-2005 4:49:26 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:15 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1568
ThreadCreationTime : 4-20-2005 4:49:27 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\System32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\System32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:16 [hotsync.exe]
FilePath : C:\Program Files\palmOne\
ProcessID : 740
ThreadCreationTime : 4-20-2005 4:49:27 PM
BasePriority : Normal
FileVersion : 6.0.1
ProductVersion : 6.0.1
ProductName : HotSync® Manager
CompanyName : PalmSource, Inc
FileDescription : HotSync® Manager Application
InternalName : HotSync®
LegalCopyright : Copyright © 1995-2004 PalmSource Inc.
LegalTrademarks : HotSync® is a registered trademark of PalmSource Inc.
OriginalFilename : Hotsync.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:17 [odhost.exe]
FilePath : C:\Program Files\Linksys\Wireless-G Notebook Adapter\
ProcessID : 1344
ThreadCreationTime : 4-20-2005 4:49:31 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
FileDescription : Odyssey COM Host
InternalName : OdHost
LegalCopyright : Copyright © 2003
OriginalFilename : Odhost.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:18 [wpc54cfg.exe]
FilePath : C:\Program Files\Linksys\Wireless-G Notebook Adapter\
ProcessID : 1968
ThreadCreationTime : 4-20-2005 4:49:32 PM
BasePriority : Normal
FileVersion : 2.1.3.32
ProductVersion : 1.3.0.1
ProductName : Linksys Instant WLAN Monitor
CompanyName : The Linksys Group, Inc.
FileDescription : Linksys Instant WLAN Monitor
InternalName : WLANMonitor.EXE
LegalCopyright : Copyright © 2003, Linksys
LegalTrademarks : Instant Wireless
OriginalFilename : WLANMonitor.EXE
Comments : Linksys Instant WLAN Monitor
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:19 [wuauclt.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2776
ThreadCreationTime : 4-20-2005 4:50:22 PM
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:20 [firefox.exe]
FilePath : C:\Program Files\Mozilla Firefox\
ProcessID : 3020
ThreadCreationTime : 4-20-2005 4:50:44 PM
BasePriority : Normal

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:21 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 1976
ThreadCreationTime : 4-20-2005 5:13:02 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 33


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{444a5674-ff85-45d4-9ae2-4199d8d70c85}

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{1293fed0-03d0-4426-b0cf-9d3c5141ba8c}

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : redalert.here.1

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : redalert.here

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : popup.pop.1

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : popup.pop.1
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : popup.pop

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : popup.pop
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : plugin6.dnserrobj.1

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : plugin6.dnserrobj.1
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : plugin6.dnserrobj

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : plugin6.dnserrobj
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{f9bdb492-37d6-4e33-b324-058b22e21ffa}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{f9bdb492-37d6-4e33-b324-058b22e21ffa}
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{0d721150-aef3-457b-b03a-5097b623ce45}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{0d721150-aef3-457b-b03a-5097b623ce45}
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{a9aee0dd-89e1-40ee-8749-a18650cc2175}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{a9aee0dd-89e1-40ee-8749-a18650cc2175}
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{467faeb2-5f5b-4c81-bae0-2a4752ca7f4e}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{467faeb2-5f5b-4c81-bae0-2a4752ca7f4e}
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\software\serg

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\cassandra

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\cassandra
Value : data4

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\cassandra
Value : data3

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\cassandra
Value : data1

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\cassandra
Value : data2

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{467faeb2-5f5b-4c81-bae0-2a4752ca7f4e}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{467faeb2-5f5b-4c81-bae0-2a4752ca7f4e}
Value :

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "TODO_Item_Data3_2"
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\software\microsoft\internet explorer\settings
Value : TODO_Item_Data3_2

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "TODO_Item_Data3_1"
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\software\microsoft\internet explorer\settings
Value : TODO_Item_Data3_1

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "TODO_Item_Data2_2"
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\software\microsoft\internet explorer\settings
Value : TODO_Item_Data2_2

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "TODO_Item_Data2_1"
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\software\microsoft\internet explorer\settings
Value : TODO_Item_Data2_1

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "TODO_Item_Data1_2"
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\software\microsoft\internet explorer\settings
Value : TODO_Item_Data1_2

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "TODO_Item_Data1_1"
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\software\microsoft\internet explorer\settings
Value : TODO_Item_Data1_1

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "TODO_Count"
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\software\microsoft\internet explorer\settings
Value : TODO_Count

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\toolbar
Value : {0E1230F8-EA50-42A9-983C-D22ABC2EED3B}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 36
Objects found so far: 69


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Possible Browser Hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Pageletgohome.com

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://letgohome.com/hp.htm?id=9"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Search Page
Data : "http://letgohome.com/hp.htm?id=9"
Possible Browser Hijack attempt : S-1-5-21-854245398-1343024091-1060284298-1003\Software\Microsoft\Internet Explorer\MainSearch Pageletgohome.com

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://letgohome.com/sp.htm?id=9"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\Software\Microsoft\Internet Explorer\Main
Value : Search Page
Data : "http://letgohome.com/sp.htm?id=9"
Possible Browser Hijack attempt : S-1-5-21-854245398-1343024091-1060284298-1003\Software\Microsoft\Internet Explorer\MainStart Pageletgohome.com

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://letgohome.com/hp.htm?id=9"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "http://letgohome.com/hp.htm?id=9"
Possible Browser Hijack attempt : S-1-5-21-854245398-1343024091-1060284298-1003\Software\Microsoft\Internet Explorer\MainSearch Barletgohome.com

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://letgohome.com/sp.htm?id=9"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "http://letgohome.com/sp.htm?id=9"
Possible Browser Hijack attempt : S-1-5-21-854245398-1343024091-1060284298-1003\Software\Microsoft\Internet ExplorerSearchURLletgohome.com

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://letgohome.com/sp.htm?id=9"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\Software\Microsoft\Internet Explorer
Value : SearchURL
Data : "http://letgohome.com/sp.htm?id=9"

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 5
Objects found so far: 74


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 74



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

CoolWebSearch Object Recognized!
Type : File
Data : stop.00009_4.exe.000
Category : Malware
Comment :
Object : C:\Documents and Settings\All Users\(3).clamwin\quarantine(2)\



CoolWebSearch Object Recognized!
Type : File
Data : stop.00009_4[1].exe.000
Category : Malware
Comment :
Object : C:\Documents and Settings\All Users\(3).clamwin\quarantine(2)\



CoolWebSearch Object Recognized!
Type : File
Data : w8c6s4xcm66s.dll.000
Category : Malware
Comment :
Object : C:\Documents and Settings\All Users\(3).clamwin\quarantine(2)\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


Security iGuard Object Recognized!
Type : File
Data : A0000922.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP10\
FileVersion : 1,0,0,53
ProductVersion : 1,0,0,53
ProductName : Security iGuard Application
CompanyName : Rex-Services
FileDescription : Security iGuard
InternalName : Security iGuard
LegalCopyright : Copyright © 2004 Rex-Services All rights reserved
OriginalFilename : Security iGuard.exe


Security iGuard Object Recognized!
Type : File
Data : A0000924.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP10\



CoolWebSearch Object Recognized!
Type : File
Data : A0000937.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP10\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0000938.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP10\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0000939.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP10\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0000940.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP10\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0001018.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP11\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0001030.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP12\



Security iGuard Object Recognized!
Type : File
Data : A0001037.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP12\
FileVersion : 1,0,0,53
ProductVersion : 1,0,0,53
ProductName : Security iGuard Application
CompanyName : Rex-Services
FileDescription : Security iGuard
InternalName : Security iGuard
LegalCopyright : Copyright © 2004 Rex-Services All rights reserved
OriginalFilename : Security iGuard.exe


Security iGuard Object Recognized!
Type : File
Data : A0001039.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP12\



CoolWebSearch Object Recognized!
Type : File
Data : A0001051.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP12\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


WindUpdates Object Recognized!
Type : File
Data : A0001074.vxd
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP17\



CoolWebSearch Object Recognized!
Type : File
Data : A0001084.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP17\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0001085.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP17\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0001098.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP17\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0001810.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP18\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0001839.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP19\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0001866.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP19\



CoolWebSearch Object Recognized!
Type : File
Data : A0001940.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP20\
FileVersion : 1, 0, 31, 0
ProductVersi


#2
Guest_numbnuts_*

Hello, Ripsaw2112. Welcome to the forum.

Your logfile is incomplete. Please continue copying from the last item posted to the end.
This sometimes takes 2-3 posts to get it all posted.

You will know you're at the end when you see a "Summary" of objects found.

If you need to find the log from this scan, do the following:

Go to C:\Documents and Settings\USER NAME\Application Data\Lavasoft\Ad-Aware\Logs and find the logfile for this scan.
Double click to open it, click Edit | Select all, Edit | Copy. Then post the logfile as a reply.


If you are still having trouble locating the file, please launch Ad-Aware and click on the gear icon to access the Ad-Aware configuration window.
Select General and look under the section entitled "Write logfiles to".


numbnuts.. :tazz:

#3
Ripsaw2112

Hey Numbnuts Dude - I think I copied the rest of the log and sent it but things got weird at one point. Can you confirm that I got the rest of the log to you? Thanks.

#4
Ripsaw2112

Numbnuts - my bad on the last attempt. This should be the complete log.


Ad-Aware SE Build 1.05
Logfile Created on:Wednesday, April 20, 2005 12:18:18 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R40 20.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
180Solutions(TAC index:6):14 total references
CoolWebSearch(TAC index:10):1353 total references
IBIS Toolbar(TAC index:5):6 total references
Possible Browser Hijack attempt(TAC index:3):8 total references
SahAgent(TAC index:9):6 total references
Security iGuard(TAC index:9):9 total references
WindUpdates(TAC index:8):7 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R40 20.04.2005
Internal build : 47
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 461235 Bytes
Total size : 1395231 Bytes
Signature data size : 1364710 Bytes
Reference data size : 30009 Bytes
Signatures total : 38921
Fingerprints total : 813
Fingerprints size : 29073 Bytes
Target categories : 15
Target families : 650


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:19 %
Total physical memory:260080 kb
Available physical memory:47668 kb
Total page file size:443280 kb
Available on page file:267084 kb
Total virtual memory:2097024 kb
Available virtual memory:2042832 kb
OS:Microsoft Windows XP Professional Service Pack 2 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


4-20-2005 12:18:18 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 972
ThreadCreationTime : 4-20-2005 4:49:11 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1096
ThreadCreationTime : 4-20-2005 4:49:13 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1120
ThreadCreationTime : 4-20-2005 4:49:14 PM
BasePriority : High

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1164
ThreadCreationTime : 4-20-2005 4:49:15 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1176
ThreadCreationTime : 4-20-2005 4:49:15 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1324
ThreadCreationTime : 4-20-2005 4:49:16 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1404
ThreadCreationTime : 4-20-2005 4:49:16 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1440
ThreadCreationTime : 4-20-2005 4:49:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\System32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\System32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:9 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1488
ThreadCreationTime : 4-20-2005 4:49:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1548
ThreadCreationTime : 4-20-2005 4:49:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:11 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 200
ThreadCreationTime : 4-20-2005 4:49:19 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:12 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 164
ThreadCreationTime : 4-20-2005 4:49:20 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:13 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1052
ThreadCreationTime : 4-20-2005 4:49:24 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:14 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 612
ThreadCreationTime : 4-20-2005 4:49:26 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:15 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1568
ThreadCreationTime : 4-20-2005 4:49:27 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\System32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\System32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:16 [hotsync.exe]
FilePath : C:\Program Files\palmOne\
ProcessID : 740
ThreadCreationTime : 4-20-2005 4:49:27 PM
BasePriority : Normal
FileVersion : 6.0.1
ProductVersion : 6.0.1
ProductName : HotSync® Manager
CompanyName : PalmSource, Inc
FileDescription : HotSync® Manager Application
InternalName : HotSync®
LegalCopyright : Copyright © 1995-2004 PalmSource Inc.
LegalTrademarks : HotSync® is a registered trademark of PalmSource Inc.
OriginalFilename : Hotsync.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:17 [odhost.exe]
FilePath : C:\Program Files\Linksys\Wireless-G Notebook Adapter\
ProcessID : 1344
ThreadCreationTime : 4-20-2005 4:49:31 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
FileDescription : Odyssey COM Host
InternalName : OdHost
LegalCopyright : Copyright © 2003
OriginalFilename : Odhost.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:18 [wpc54cfg.exe]
FilePath : C:\Program Files\Linksys\Wireless-G Notebook Adapter\
ProcessID : 1968
ThreadCreationTime : 4-20-2005 4:49:32 PM
BasePriority : Normal
FileVersion : 2.1.3.32
ProductVersion : 1.3.0.1
ProductName : Linksys Instant WLAN Monitor
CompanyName : The Linksys Group, Inc.
FileDescription : Linksys Instant WLAN Monitor
InternalName : WLANMonitor.EXE
LegalCopyright : Copyright © 2003, Linksys
LegalTrademarks : Instant Wireless
OriginalFilename : WLANMonitor.EXE
Comments : Linksys Instant WLAN Monitor
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:19 [wuauclt.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2776
ThreadCreationTime : 4-20-2005 4:50:22 PM
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:20 [firefox.exe]
FilePath : C:\Program Files\Mozilla Firefox\
ProcessID : 3020
ThreadCreationTime : 4-20-2005 4:50:44 PM
BasePriority : Normal

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : 63x5hnhuh495spdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004

Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


#:21 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 1976
ThreadCreationTime : 4-20-2005 5:13:02 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\system32\h9tsdulbkyk6.dll)

CoolWebSearch Object Recognized!
Type : Process
Data : h9tsdulbkyk6.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 33


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{444a5674-ff85-45d4-9ae2-4199d8d70c85}

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{1293fed0-03d0-4426-b0cf-9d3c5141ba8c}

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : redalert.here.1

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : redalert.here

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : popup.pop.1

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : popup.pop.1
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : popup.pop

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : popup.pop
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : plugin6.dnserrobj.1

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : plugin6.dnserrobj.1
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : plugin6.dnserrobj

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : plugin6.dnserrobj
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{f9bdb492-37d6-4e33-b324-058b22e21ffa}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{f9bdb492-37d6-4e33-b324-058b22e21ffa}
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{0d721150-aef3-457b-b03a-5097b623ce45}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{0d721150-aef3-457b-b03a-5097b623ce45}
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{a9aee0dd-89e1-40ee-8749-a18650cc2175}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{a9aee0dd-89e1-40ee-8749-a18650cc2175}
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{467faeb2-5f5b-4c81-bae0-2a4752ca7f4e}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{467faeb2-5f5b-4c81-bae0-2a4752ca7f4e}
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\software\serg

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\cassandra

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\cassandra
Value : data4

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\cassandra
Value : data3

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\cassandra
Value : data1

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\cassandra
Value : data2

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{467faeb2-5f5b-4c81-bae0-2a4752ca7f4e}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{467faeb2-5f5b-4c81-bae0-2a4752ca7f4e}
Value :

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "TODO_Item_Data3_2"
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\software\microsoft\internet explorer\settings
Value : TODO_Item_Data3_2

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "TODO_Item_Data3_1"
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\software\microsoft\internet explorer\settings
Value : TODO_Item_Data3_1

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "TODO_Item_Data2_2"
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\software\microsoft\internet explorer\settings
Value : TODO_Item_Data2_2

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "TODO_Item_Data2_1"
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\software\microsoft\internet explorer\settings
Value : TODO_Item_Data2_1

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "TODO_Item_Data1_2"
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\software\microsoft\internet explorer\settings
Value : TODO_Item_Data1_2

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "TODO_Item_Data1_1"
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\software\microsoft\internet explorer\settings
Value : TODO_Item_Data1_1

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "TODO_Count"
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\software\microsoft\internet explorer\settings
Value : TODO_Count

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\toolbar
Value : {0E1230F8-EA50-42A9-983C-D22ABC2EED3B}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 36
Objects found so far: 69


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Possible Browser Hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Pageletgohome.com

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://letgohome.com/hp.htm?id=9"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Search Page
Data : "http://letgohome.com/hp.htm?id=9"
Possible Browser Hijack attempt : S-1-5-21-854245398-1343024091-1060284298-1003\Software\Microsoft\Internet Explorer\MainSearch Pageletgohome.com

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://letgohome.com/sp.htm?id=9"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\Software\Microsoft\Internet Explorer\Main
Value : Search Page
Data : "http://letgohome.com/sp.htm?id=9"
Possible Browser Hijack attempt : S-1-5-21-854245398-1343024091-1060284298-1003\Software\Microsoft\Internet Explorer\MainStart Pageletgohome.com

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://letgohome.com/hp.htm?id=9"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "http://letgohome.com/hp.htm?id=9"
Possible Browser Hijack attempt : S-1-5-21-854245398-1343024091-1060284298-1003\Software\Microsoft\Internet Explorer\MainSearch Barletgohome.com

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://letgohome.com/sp.htm?id=9"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "http://letgohome.com/sp.htm?id=9"
Possible Browser Hijack attempt : S-1-5-21-854245398-1343024091-1060284298-1003\Software\Microsoft\Internet ExplorerSearchURLletgohome.com

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://letgohome.com/sp.htm?id=9"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-854245398-1343024091-1060284298-1003\Software\Microsoft\Internet Explorer
Value : SearchURL
Data : "http://letgohome.com/sp.htm?id=9"

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 5
Objects found so far: 74


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 74



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

CoolWebSearch Object Recognized!
Type : File
Data : stop.00009_4.exe.000
Category : Malware
Comment :
Object : C:\Documents and Settings\All Users\(3).clamwin\quarantine(2)\



CoolWebSearch Object Recognized!
Type : File
Data : stop.00009_4[1].exe.000
Category : Malware
Comment :
Object : C:\Documents and Settings\All Users\(3).clamwin\quarantine(2)\



CoolWebSearch Object Recognized!
Type : File
Data : w8c6s4xcm66s.dll.000
Category : Malware
Comment :
Object : C:\Documents and Settings\All Users\(3).clamwin\quarantine(2)\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


Security iGuard Object Recognized!
Type : File
Data : A0000922.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP10\
FileVersion : 1,0,0,53
ProductVersion : 1,0,0,53
ProductName : Security iGuard Application
CompanyName : Rex-Services
FileDescription : Security iGuard
InternalName : Security iGuard
LegalCopyright : Copyright © 2004 Rex-Services All rights reserved
OriginalFilename : Security iGuard.exe


Security iGuard Object Recognized!
Type : File
Data : A0000924.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP10\



CoolWebSearch Object Recognized!
Type : File
Data : A0000937.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP10\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0000938.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP10\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0000939.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP10\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0000940.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP10\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0001018.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP11\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0001030.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP12\



Security iGuard Object Recognized!
Type : File
Data : A0001037.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP12\
FileVersion : 1,0,0,53
ProductVersion : 1,0,0,53
ProductName : Security iGuard Application
CompanyName : Rex-Services
FileDescription : Security iGuard
InternalName : Security iGuard
LegalCopyright : Copyright © 2004 Rex-Services All rights reserved
OriginalFilename : Security iGuard.exe


Security iGuard Object Recognized!
Type : File
Data : A0001039.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP12\



CoolWebSearch Object Recognized!
Type : File
Data : A0001051.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP12\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


WindUpdates Object Recognized!
Type : File
Data : A0001074.vxd
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP17\



CoolWebSearch Object Recognized!
Type : File
Data : A0001084.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP17\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0001085.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP17\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0001098.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP17\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0001810.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP18\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0001839.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP19\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra
CompanyName : Melkosoft Corporation
LegalCopyright : Copyright © 2004


CoolWebSearch Object Recognized!
Type : File
Data : A0001866.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP19\



CoolWebSearch Object Recognized!
Type : File
Data : A0001940.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP20\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra

#5
Ripsaw2112

Numbnuts, my entire log still was not included. I am trying again

Rip

#6
Guest_Corrine_*

Hi, Ripsaw2112. Hold on! This isn't something you are doing wrong, but rather it happens with all forum software.

What you need to do is go back to your logfile and start copying where the last post left off. Start copying from the point below to the end of your log. Then, after posting the reply, wait and see if the entire log posted. If not, go back and pick up from where it left off and continue until the summary at the end is posted.

CoolWebSearch Object Recognized!
Type : File
Data : A0001940.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{5A2BA0D1-385E-4100-B363-DA6A665A5EEC}\RP20\
FileVersion : 1, 0, 31, 0
ProductVersion : 1, 0, 31, 0
ProductName : Cassandra



#7
Ripsaw2112

Ah, cool and thanks. Has ad-aware been updated to quash this smitfraud thing without further steps needed? Also, I have clamwin anti virus currently on board. Should I get rid of it?

#8
Guest_Corrine_*

Hi, Ripsaw2112. Ad-Aware isn't an antivirus software. I suggest that you use at least one online A/V scan and one trojan scan. There are other sites as well but this is a good start.

BitDefender
Panda
Symantec
TrendMicro

A2 Trojan Scan
Trojan Hunter <-- Trial